<?php
/**
 * Zend Framework
 * LICENSE
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 * @category Zend
 * @package Zend_Auth
 * @subpackage Zend_Auth_Adapter
 * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
 * @license http://framework.zend.com/license/new-bsd New BSD License
 * @version $Id: OpenId.php 24593 2012-01-05 20:35:02Z matthew $
 */
/**
 *
 * @see Zend_Auth_Adapter_Interface
 */
require_once 'Zend/Auth/Adapter/Interface.php';
/**
 *
 * @see Zend_OpenId_Consumer
 */
require_once 'Zend/OpenId/Consumer.php';

/**
 * A Zend_Auth Authentication Adapter allowing the use of OpenID protocol as an
 * authentication mechanism
 * @category Zend
 * @package Zend_Auth
 * @subpackage Zend_Auth_Adapter
 * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
 * @license http://framework.zend.com/license/new-bsd New BSD License
 */
class Zend_Auth_Adapter_OpenId implements Zend_Auth_Adapter_Interface {

    /**
     * The identity value being authenticated
     * @var string
     */
    private $_id = null;

    /**
     * Reference to an implementation of a storage object
     * @var Zend_OpenId_Consumer_Storage
     */
    private $_storage = null;

    /**
     * The URL to redirect response from server to
     * @var string
     */
    private $_returnTo = null;

    /**
     * The HTTP URL to identify consumer on server
     * @var string
     */
    private $_root = null;

    /**
     * Extension object or array of extensions objects
     * @var string
     */
    private $_extensions = null;

    /**
     * The response object to perform HTTP or HTML form redirection
     * @var Zend_Controller_Response_Abstract
     */
    private $_response = null;

    /**
     * Enables or disables interaction with user during authentication on
     * OpenID provider.
     * @var bool
     */
    private $_check_immediate = false;

    /**
     * HTTP client to make HTTP requests
     * @var Zend_Http_Client $_httpClient
     */
    private $_httpClient = null;

    /**
     * Constructor
     * @param string $id the identity value
     * @param Zend_OpenId_Consumer_Storage $storage an optional implementation
     *        of a storage object
     * @param string $returnTo HTTP URL to redirect response from server to
     * @param string $root HTTP URL to identify consumer on server
     * @param mixed $extensions extension object or array of extensions objects
     * @param Zend_Controller_Response_Abstract $response an optional response
     *        object to perform HTTP or HTML form redirection
     * @return void
     */
    public function __construct ($id = null, Zend_OpenId_Consumer_Storage $storage = null, $returnTo = null, $root = null, $extensions = null, Zend_Controller_Response_Abstract $response = null) {
        $this -> _id = $id;
        $this -> _storage = $storage;
        $this -> _returnTo = $returnTo;
        $this -> _root = $root;
        $this -> _extensions = $extensions;
        $this -> _response = $response;
    }

    /**
     * Sets the value to be used as the identity
     * @param string $id the identity value
     * @return Zend_Auth_Adapter_OpenId Provides a fluent interface
     */
    public function setIdentity ($id) {
        $this -> _id = $id;
        return $this;
    }

    /**
     * Sets the storage implementation which will be use by OpenId
     * @param Zend_OpenId_Consumer_Storage $storage
     * @return Zend_Auth_Adapter_OpenId Provides a fluent interface
     */
    public function setStorage (Zend_OpenId_Consumer_Storage $storage) {
        $this -> _storage = $storage;
        return $this;
    }

    /**
     * Sets the HTTP URL to redirect response from server to
     * @param string $returnTo
     * @return Zend_Auth_Adapter_OpenId Provides a fluent interface
     */
    public function setReturnTo ($returnTo) {
        $this -> _returnTo = $returnTo;
        return $this;
    }

    /**
     * Sets HTTP URL to identify consumer on server
     * @param string $root
     * @return Zend_Auth_Adapter_OpenId Provides a fluent interface
     */
    public function setRoot ($root) {
        $this -> _root = $root;
        return $this;
    }

    /**
     * Sets OpenID extension(s)
     * @param mixed $extensions
     * @return Zend_Auth_Adapter_OpenId Provides a fluent interface
     */
    public function setExtensions ($extensions) {
        $this -> _extensions = $extensions;
        return $this;
    }

    /**
     * Sets an optional response object to perform HTTP or HTML form redirection
     * @param string $root
     * @return Zend_Auth_Adapter_OpenId Provides a fluent interface
     */
    public function setResponse ($response) {
        $this -> _response = $response;
        return $this;
    }

    /**
     * Enables or disables interaction with user during authentication on
     * OpenID provider.
     * @param bool $check_immediate
     * @return Zend_Auth_Adapter_OpenId Provides a fluent interface
     */
    public function setCheckImmediate ($check_immediate) {
        $this -> _check_immediate = $check_immediate;
        return $this;
    }

    /**
     * Sets HTTP client object to make HTTP requests
     * @param Zend_Http_Client $client HTTP client object to be used
     */
    public function setHttpClient ($client) {
        $this -> _httpClient = $client;
    }

    /**
     * Authenticates the given OpenId identity.
     * Defined by Zend_Auth_Adapter_Interface.
     * @throws Zend_Auth_Adapter_Exception If answering the authentication query is impossible
     * @return Zend_Auth_Result
     */
    public function authenticate () {
        $id = $this -> _id;
        if ( ! empty ($id)) {
            $consumer = new Zend_OpenId_Consumer ($this -> _storage);
            $consumer -> setHttpClient ($this -> _httpClient);
            /* login() is never returns on success */
            if ( ! $this -> _check_immediate) {
                if ( ! $consumer -> login ($id, $this -> _returnTo, $this -> _root, $this -> _extensions, $this -> _response)) {
                    return new Zend_Auth_Result (Zend_Auth_Result::FAILURE, $id, array("Authentication failed", $consumer -> getError ()));
                }
            } else {
                if ( ! $consumer -> check ($id, $this -> _returnTo, $this -> _root, $this -> _extensions, $this -> _response)) {
                    return new Zend_Auth_Result (Zend_Auth_Result::FAILURE, $id, array("Authentication failed", $consumer -> getError ()));
                }
            }
        } else {
            $params = (isset ($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') ? $_POST : $_GET;
            $consumer = new Zend_OpenId_Consumer ($this -> _storage);
            $consumer -> setHttpClient ($this -> _httpClient);
            if ($consumer -> verify ($params, $id, $this -> _extensions)) {
                return new Zend_Auth_Result (Zend_Auth_Result::SUCCESS, $id, array("Authentication successful"));
            } else {
                return new Zend_Auth_Result (Zend_Auth_Result::FAILURE, $id, array("Authentication failed", $consumer -> getError ()));
            }
        }
    }

}
